newgidmap - set the gid mapping of a user namespace
newgidmap pid gid lowergid count [gid lowergid count [ ... ]]
The newgidmap sets /proc/[pid]/gid_map based on its command line arguments and the gids allowed. Subgid delegation can either be managed via /etc/subgid or through the configured NSS subid module. These options are mutually exclusive.
Note that the root group is not exempted from the requirement for a valid /etc/subgid entry.
After the pid argument, newgidmap expects sets of 3 integers:
newgidmap verifies that the caller is the owner of the process indicated by pid and that for each of the above sets, each of the GIDs in the range [lowergid, lowergid+count) is allowed to the caller according to /etc/subgid before setting /proc/[pid]/gid_map.
Note that newgidmap may be used only once for a given process.
There currently are no options to the newgidmap command.